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TOE CIAIMS 

Please aixiend the claims ta read as follows: 

Iiis-binCT of Cl^ -i^"tg 

1 . (Currently Amended) A data processing system £or generating 
at least one unique base key, coa^rising a cryptographic device 
including at least one master group key, at least one security 
token including a unique identifier^ and communication means for 
exchanging data between said cryptographic device and said token, 
wherein^ 

said cryptographic device includes a logic operator memw a^ftl^ 
eoafeinntg gjambines said at least one master group key with said 
unique identifier received from said token through said 
communication means, producing said at least one unique base key, 
and 

said at least one security token includes data storage means 
for at o rln g that stores said at least one unique base key and a 
cryptographic m e ans u sing section that uses said stored at least 
one unique base key. 

2. (Currently Amended) The system according to claim 1, 
wherein said logic operator means includes an exclusive OR bitwise 
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operatpr meams, 

3. (Currently i^ended) The system according to claim 2, 
wherein said unique identifier and said master group key are used 
as operands by said exclusive OR bit-wise operator means forming 
said at least one base key. 

4« (Currently Amended) ^e system according to claim 1 further 
including a message digest function meems for dig e stin g section 
that digests said unique identifier before operation by said logic 
operator means , 

5. (Currently Amended) A method of generating at least one 
first w T^iqng^ base key and one second unique base key^ comprisingj. 
the ftt e ps o f 

generating a master group key by a crsfptographic device, 

receiving a first unique identifier from a first security 
token by said crypliographic device, 

performing a logic operation using said first unique 
identifier and said master group key as operands producing said at 
least one first unique base key, 

operatively injecting said at least one first unique base key 
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into said first security token ^ 

TQeeivina a sec ond nnioue identifier from a second security 
token bv said dryptoara phic device, 

performi tiigf a logic operation using said second uniq^ie 

identifier and sa -a^ ^«<i*-^r> q^^^m operands prodncina said at 

least one second unigfue ba ^*" ''^^Yr ^"'^ 

Qperativelv ini eetina said at least one seoond unique base key 
into said second security token repeatin g fcaiJ steps fuj. uL IcjaAt 
a. & e cond ae c u r itjf t o ken , 

6. (Original) The method according to claijn 5, further 
oomprising the steps of . digesting said unique identifier using a 
message digest function. 

7. (Original) The method according to claim 6, wherein said 
logic ciperation includes an exclusive OR bit-wise operation. 

8 . (Currently Amended) A system for performing symmetric keys 
based mutual authentications between at least two security tokens^ 
comprising: 

a first s e cur e security token including a first unique 
identifier, a first unique base key whibh is a function of a master 
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key and o£ said first unique identifier, a first cry p t og iiapliy maang 
cryptographic section , and a first x&emory storage m e ans section , -r 

a second security token including a second unique identifier, 

a second unique base key which is a function of said niaster 
key and of said second unique identifier, and 

Si second cry p t og a- ' aphy meang cryptographic section compatible 
with said first cr yptogr aphic section, and a second memory storage 
means section, and 

a communication means — f o r exchan g in g section that exchanges 
data between said first and second s e cur e security tokens , wherein 

said first secure security token coaqprises Sl first logic 
operator mean? fuj, pxuum&alug that processes said first unique base 
key and said second unique identifier reoelyed from said second 
security token, producing a first composite group key, 

said second secure security token comprises a second logic 
operator means f o r p r o c e ssin g that processes said second unique 
base key and said first unique identifier received from said first 
security token, producing a second conposite group key, and 

said first and second oontposite group keys Lelnij are equal. 

9. (Currently Amended) The system according to claim 8 wherein 
said second unique identifier processed by said first logic 
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operator meaiks is a messagQ digest of said second unique 
identifier, said first security token oonqprising a first message 
cLLgest function means — for — d i ge stin g section that digests said 
second unique identifier received using said cammunications mean^ 
aeation from said second security token. 

10. (Currently Aoiended) The system according to claim 9 
wherein said first unique identifier processed by said second logic 
operator mean? is a message digest of said first unique identifier^ 
said second securi^ token c^i^rising a second message digest 
function means f o J. OlytjAtip g section that digests said first unique 
identifier received using said coinmunications meam ^Qq'feJiffA from 
said first security token. 

11. (Currently Amended) The system according to claim 10 
wherein said first logic operator meen con^rises a first €£xclusive 
OR bit-wise operator, said message digest of said second unique 
identifier and said first unique base key being used as operands by 
said first exclusive OR bit-wise operator, producing said first 
composite group key which is stored using said first memory storage 
means section.. 
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12 . (Currently Amended) The system according to claim 11 
wherein said second logic operator m e ans comprises a second 
exclusive OR blt-wlse operator, said message digest of said first 
unique Identifier and said second unique base key being used as 
operands by said second exclusive OR blt*-wlse operator, producing 

said second composite group key which Is stored using said second 

I 

memory storage means section , 

13. (Currently Amended) The system according to claim 12 
wherein said first security token coonprlses first ra n dom nuniber 
generating m e ans for g eneratin g section that generates a first 
random number, said first random number being stored using said 
first memory storage means section ^ said first cryptographic m e ans 
section encrypting said first random nuaiber with said first 
composite group key producing a first cryptogram. 

14. (Currently Amended) The system according to claim 13 
wherein said second security token comprises second randcam number 
generating means f o r generati ng section that generates a second 
random nimiber, said second random nudsber being stored using said 
second mraiory storage means sect±on, said second cryptographic 
means section encrypting said second random number with said second 
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coinposlte gzovap key pxodiicxzi^ a second cfyp^og'Tasi. 

15. (Currently Azaended) The system according to claim 14 
wherein said first cryptogram is sent to said second security token 
using said conmunioations means section and decrypted using said 
second composite group key and said second cryptographic meew 
section . producing a first ranciom number result. 

16. (Currently Amended) The system according to claim 15 
wherein said second cryptogram is sent to said first security token 
using said communications muaiia seotion and decrypted using said 
first coasposite group key and said first cryptographic means 
section, producing a second random number result. 

17. (Currently Amended) The system according to claim 16 
wherein said first random number result is sent to said first 
security token using said communications meaan section , said first 
security token con^rising a first comparing means for — compaua ng 
section that compares said first random nT2iiiber result to said first 
random number retrieved using said first memory storage mean9 
section. 
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18. (Currently Amended) The system according to claim 17 
wherein said second random number result is sent using said 
communications m e ans section to said second security token, said 
second security token comprising second comparing means — for 
c o m p arin g aeetion that compares said second random number result to 
said second random number retrieved using said second memory 
storage meax» section « 

19. (Original) The system according to claim 17 wherein a 
match between said £irst random number result and said first random 
number authenticates said second security token to said first 
security token. 

20. (Original) The system according to claim 18 wherein a 
match between said second random number result and said second 
random number authenticates said first aecuri-^ token to said 
second security token. 

21. (Currently Amended) The system according to claim 8 
wherein said first cryptographic means section and said second 
cryptographic means section includes at least one common symmetric 
cryptographic algorithm. 
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22. (Currently Amended) A method for performing mu1:ual 
autbentioatlono between a first security token and a seoond 
security token^ oon^rlslng: 

sending a first unique identifier frcam a first security token 
to a second security token, 

sending a second unique identifier from said second security 
token to a said first security token / 

digesting said second unique identifier by said first security 
token using a message digest function nnitually installed in said 
first and said second security tokens producing a second digest 
result, 

digesting said first unique identifier by said second security 
token using said message digest function producing a first digest 
result f 

performing an exclusive OR bit-wise operation by said second 
security token using said s e c o nd first digest result and a second 
unique base key as operands, producing a second conposlte group 
key, wherein said second unique base key is a function of a master 
key and of said second unique identifier > 

performing an exclusive OR bit-wise operation by said first 
security token using said first second digest result and a s e c o nd 
first unique base key as operands, producing a first composite 
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group key, wherein s a id f irflt: imloue base kev xa a function of sai4 
maflter key and of said fira ^ ^ imlmie ±deni:ifler, and wherein sajd 
■P-iygfc a i^ ^ Second compoailua group fc ^Y^ equal, 

generat;ing a first random nuiiiber by said first security token, 
storing a copy of said first random nuniber and encrypting said 
first random nuxaber using said first cos^osite group key and a 
mutually shared cryptographic algorithm, producing a first 
cryptogram ; 

generating a second random number by said second security 
token, storing a copy of said second random number and encrypting 
said second random number using said second composite group key and 
said mutually shared cryptographic algorithm, producing a second 
cryptogram, 

sending said first cryptogram from said first security token 
to said second security token, 

sending said second cryptogram f rcmi said second security token 
to said first security token, 

receiving and decrypting said first cryptogram using said 
second composite group key and said mutually shared cryptographic 
algorithm by said second security token producing a first random 
number result, 

receiving and decrypting said second cryptogram using said 
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first composite group key and said mutually shared cryptographic 
algorithm by said first seouri^ token producing a second random 
number result, 

sending said first random number result from said second 
security token to said first security token, 

sending said second random number result from said first 
security token to said second security token, 

receiving said first random number result by said first 
security token, retrieving said copy of said first random number 
from memory and comparing said first random numiber result to said 
copy of said first random number, 

receiving said second random number retsult by said second 
security token, retrieving said copy of said second random number 
from memoary sucid comparing said second random number result to said 
copy of said second random nusiber^ 

authenticating said second security token to said first 
security token if said first random number result matches said copy 
of said first random number, and 

authenticating said first security token to said second 
security token if said second random number result matches said 
copy of said second random number » 
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23 - (Original) The method according to claim 22 ^ wherein said 
mutually shared cryptographic algorithm is a symmetric algorithm. 

24. (Original) A program storage device readable by a machine, 
tangibly oibodying a program o£ instructions executable by said 
machine to perform the method step? of claim 5 or 22. 
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